using Microsoft.AspNetCore.Authentication.Cookies;
using System.Security.Cryptography.X509Certificates;
using static OpenIddict.Abstractions.OpenIddictConstants;

var builder = WebApplication.CreateBuilder(args);

// Add services to the container.
builder.Services.AddControllersWithViews();

builder.Services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
    .AddCookie();

builder.Services
   .AddCors(options =>
   {
       options.AddDefaultPolicy(policy =>
       {
           policy.AllowAnyOrigin()
                 .AllowAnyHeader()
                 .AllowAnyMethod();
       });
   })
    .AddOpenIddict()
    .AddClient(options =>
    {
        // Note: this sample uses the code flow, but you can enable the other flows if necessary.
        options.AllowAuthorizationCodeFlow();

        // Register the signing and encryption credentials used to protect
        // sensitive data like the state tokens produced by OpenIddict.
        //options.AddDevelopmentEncryptionCertificate()
        //       .AddDevelopmentSigningCertificate();

        string baseDirectory = AppContext.BaseDirectory;
        string path1 = Path.Combine(baseDirectory, "cert", "encryption-certificate.pfx");
        string path2 = Path.Combine(baseDirectory, "cert", "signing-certificate.pfx");
        var c1 = new X509Certificate2(path1);
        var c2 = new X509Certificate2(path2);

        options.AddEncryptionCertificate(c1);
        options.AddSigningCertificate(c2);

        // Register the ASP.NET Core host and configure the ASP.NET Core-specific options.
        options.UseAspNetCore()
               .EnableStatusCodePagesIntegration()
               .EnableRedirectionEndpointPassthrough()
               .EnablePostLogoutRedirectionEndpointPassthrough();

        options.UseSystemNetHttp()
               .SetProductInformation(typeof(Program).Assembly);

        options.AddRegistration(new OpenIddict.Client.OpenIddictClientRegistration
        {
            //Issuer = new Uri("https://localhost:7016/", UriKind.Absolute),
            Issuer = new Uri("https://localhost:7089/", UriKind.Absolute),
            ClientId = "201902260001",
            ClientSecret = "6C5327B841F24B52BCFD1292D6A91F57",
            Scopes = { Scopes.Profile, Scopes.OpenId },
            RedirectUri = new Uri("callback/login/local", UriKind.Relative),
            PostLogoutRedirectUri = new Uri("callback/logout/local", UriKind.Relative),
        });

        options.UseAspNetCore()
               .Configure(options => options.CookieBuilder.SameSite = SameSiteMode.None)
               .EnableStatusCodePagesIntegration()
               .EnableRedirectionEndpointPassthrough()
               .EnablePostLogoutRedirectionEndpointPassthrough();

        options.DisableTokenStorage();
    });

var app = builder.Build();
app.UseCors();

// Configure the HTTP request pipeline.
if (!app.Environment.IsDevelopment())
{
    app.UseExceptionHandler("/Home/Error");
    // The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
    app.UseHsts();
}

app.UseHttpsRedirection();
app.UseRouting();

app.UseAuthorization();

app.MapStaticAssets();



app.MapControllerRoute(
    name: "default",
    pattern: "{controller=Home}/{action=Index}/{id?}")
    .WithStaticAssets();

app.Run();
